Attention

This document was written for an old version of Plone, Plone 2.5.x, and was last updated 1570 days ago.

To learn how to upgrade to the current version of Plone, read the upgrade manual.

Listing all permissions in the site

by Kees Hink last modified Feb 04, 2009 03:04 AM
In the ZMI's "Security" tab, at the top level, you will see a list of all permissions in the site, and who has access to them. This how-to describes how to get a script to make a list of these permissions.

Purpose

For a future PAS plugin, i wanted to create a (multi)select field on a content type that takes the available site permissions as a vocabulary. For this purpose, i wanted a script that generates a list of all permissions.

Prerequisities

Any version of Plone will do.

Step by step

Place this script in your custom folder, or add it to your product's templates:

from Products.CMFCore.utils import getToolByName

portal_url = getToolByName(context, "portal_url")
portal = portal_url.getPortalObject()

all_permissions = []
# context has a method valid_roles
for role in portal.valid_roles():
    # role is a string of 'Contributor', 'Reader', etc.
    permissions = portal.permissionsOfRole(role)
    # permissions is a list of dicts
    for permission in permissions:
        # permission is a dict with keys 'selected' and 'name'
        if permission['name'] not in all_permissions:
            all_permissions.append(permission['name'])
all_permissions.sort()
return all_permissions

 

Further information

This script explicitly checks the permissions at the portal root. By changing 'portal' to 'context' you will get the permissions definied on the object where you call the script.


Contribute

Something wrong or out of date? Anybody can edit or create a new article in the knowledge base. Simply create an account on this site, log in, and click the Edit button to contribute.